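<?php
// Request bootstrap for the front page. Starts the session, declares the
// response encoding, loads the database link, then handles the two requests
// that are processed before any markup is sent:
//   - POST "title" / "context" / "mode": save a post (mode 0 inserts, any
//     other value updates the post with that id);
//   - GET "melih": log the current user out.

// Hide the session cookie from page scripts. This has to run before
// session_start(), which is the call that emits the cookie.
ini_set('session.cookie_httponly', '1');
session_start();
header('Content-Type: text/HTML; charset=UTF-8');

include_once("connection.php");

// Treat a missing field or an array-valued field as empty, so the checks
// below never see a non-string and never raise undefined-index notices.
$reqTitle   = (isset($_POST["title"]) && is_string($_POST["title"])) ? $_POST["title"] : "";
$reqContext = (isset($_POST["context"]) && is_string($_POST["context"])) ? $_POST["context"] : "";
$reqMode    = (isset($_POST["mode"]) && is_string($_POST["mode"])) ? $_POST["mode"] : "0";
$reqLogout  = (isset($_GET["melih"]) && is_string($_GET["melih"])) ? $_GET["melih"] : "";

// Writing posts is limited to the same role that is shown the Add / Edit /
// Delete links further down this page (a logged-in user with level 2).
// Without this check any visitor could insert or overwrite posts.
$mayWritePosts = isset($_SESSION["user"], $_SESSION["level"])
	&& strlen($_SESSION["user"]) != 0
	&& $_SESSION["level"] == 2;

if ($reqTitle !== "") {
	if ($mayWritePosts) {
		// Request values are escaped before they are placed inside the quoted
		// SQL literals; the statements were previously built from raw input.
		// NOTE(review): escaping follows the connection character set, so
		// connection.php should set it with mysql_set_charset() - confirm.
		$sqlTitle   = mysql_real_escape_string($reqTitle);
		$sqlContext = mysql_real_escape_string($reqContext);

		// Assumes post_id is a numeric key, as the "mode != 0" test implied.
		$postId = (int) $reqMode;

		if ($postId !== 0) {
			$saved = mysql_query("update tbl_post set title='" . $sqlTitle . "',context='" . $sqlContext . "' where post_id='" . $postId . "'");
		}
		else {
			$saved = mysql_query("insert into tbl_post(title,context) values ('" . $sqlTitle . "','" . $sqlContext . "')");
		}

		// Record failures server-side only; the database error text is not
		// sent to the browser.
		if ($saved === false) {
			error_log("index.php: saving post failed: " . mysql_error());
		}
	}
}
else if ($reqLogout !== "") {
	// Blank the identity keys the rest of the page reads, then drop the
	// server-side session data.
	$_SESSION["user"]  = "";
	$_SESSION["name"]  = "";
	$_SESSION["level"] = "";
	session_destroy();
}
?>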

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!--
Design by Free CSS Templates
http://www.freecsstemplates.org
Released for free under a Creative Commons Attribution 2.5 License

Name       : Personal Description: A two-column, fixed-width design.
Version    : 1.0
Released   : 20080513

-->
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<?php include_once("delete.php"); ?>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />

<title>Bahar Çağlar's Personal Web Page</title>
<meta name="keywords" content="" />
<meta name="description" content="" />
<link href="style.css" rel="stylesheet" type="text/css" media="screen" />
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
</head><body>
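<?php
// Handles the two requests processed inside the page body: deleting a post
// (GET "del") and logging in (POST "username" / "password"). A delete request
// takes precedence over a login attempt, as in the original else-if chain.
//
// The debug statement that printed md5("12345") into every page has been
// removed; it showed visitors the hashing scheme together with a sample hash.

// A missing or array-valued field counts as empty.
$reqDel  = (isset($_GET["del"]) && is_string($_GET["del"])) ? $_GET["del"] : "";
$reqUser = (isset($_POST["username"]) && is_string($_POST["username"])) ? $_POST["username"] : "";
$reqPass = (isset($_POST["password"]) && is_string($_POST["password"])) ? $_POST["password"] : "";

if ($reqDel !== "") {
	// Deleting is limited to the role that is shown the Delete link
	// (logged in, level 2); before, any visitor could delete any post.
	$mayDelete = isset($_SESSION["user"], $_SESSION["level"])
		&& strlen($_SESSION["user"]) != 0
		&& $_SESSION["level"] == 2;

	// NOTE(review): this is still a state change on GET, so it can be
	// triggered by a cross-site request made in an admin's browser. Moving
	// it to POST with a per-session token needs a matching change in
	// delete.php, which is not visible here.
	if ($mayDelete) {
		// Assumes post_id is a numeric key - confirm against the schema.
		$delId = (int) $reqDel;
		mysql_query("delete from tbl_post where post_id='" . $delId . "'");
	}
}
else if ($reqUser !== "") {
	$loginOk = false;

	if ($reqPass !== "") {
		// The user name is escaped before it goes into the quoted SQL literal.
		$tbl = mysql_query("select user_id,password,usr_level from users where user_name='" . mysql_real_escape_string($reqUser) . "'");
		$row = $tbl ? mysql_fetch_assoc($tbl) : false;

		// NOTE(review): passwords are stored as unsalted MD5. Migrating the
		// column to password_hash() / password_verify() needs a schema and
		// data change outside this file.
		// A strict string comparison replaces strcmp(...) == 0, which also
		// compares equal when strcmp() returns NULL on unexpected operands.
		if (is_array($row) && is_string($row["password"]) && md5($reqPass) === $row["password"]) {
			// Issue a fresh session id on login (session-fixation defence).
			// This block runs after markup has started, so the new cookie can
			// only be sent while headers are still buffered.
			// NOTE(review): move login handling above the DOCTYPE so the id
			// is always regenerated.
			if (!headers_sent()) {
				session_regenerate_id(true);
			}

			$_SESSION["user"]  = $row["user_id"];
			$_SESSION["name"]  = $reqUser;
			$_SESSION["level"] = $row["usr_level"];
			$loginOk = true;

			// json_encode() with the HEX flags yields a JavaScript string
			// literal that cannot close the string or the script element.
			?><script> alert(<?php echo json_encode("Welcome  " . $reqUser, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT); ?>);</script><?php 
		}
	}

	// One generic message for every failed attempt. Previously only an empty
	// password produced it; a wrong password or unknown user failed silently.
	if (!$loginOk) {
		?><script> alert("yanlış giriş yaptınız");</script><?php 
	}
}
?>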

<!-- start header -->
<div id="header">
	<?php include_once("header.php"); ?>
</div>
<!-- end header -->
<!-- start page -->
<div id="wrapper">
	<div id="page">
				<!-- start content -->
				<div id="content">
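                <?php 
				// Renders every row of tbl_post, ordered by post_id, as a post box:
				// title, date line, and the body cut to an excerpt of at most 200
				// characters. Users with level 2 also get Delete / Edit links per
				// post and an "Add Post" link after the list.

				// Computed once; isset() avoids notices for visitors with no session data.
				$isAdmin = isset($_SESSION["user"], $_SESSION["level"])
					&& strlen($_SESSION["user"]) != 0
					&& $_SESSION["level"] == 2;

				// Escape quotes as well, and replace invalid UTF-8 instead of
				// returning an empty string where the runtime supports it.
				$escFlags = ENT_QUOTES | (defined('ENT_SUBSTITUTE') ? ENT_SUBSTITUTE : 0);

				$tbl = mysql_query("select * from tbl_post order by post_id");
				// Skip the loop when the query failed instead of fetching from false.
				while($tbl && ($var=mysql_fetch_assoc($tbl))){
						// Cut by characters where mbstring is available: a byte-wise
						// substr() can split a multi-byte UTF-8 character in half.
						$excerpt = (string) $var["context"];
						if (function_exists('mb_substr')) {
							if (mb_strlen($excerpt, 'UTF-8') > 200) {
								$excerpt = mb_substr($excerpt, 0, 200, 'UTF-8') . "...";
							}
						}
						else if (strlen($excerpt) > 200) {
							$excerpt = substr($excerpt, 0, 200) . "...";
						}

						// Database values are HTML-escaped on output; post text is
						// stored as submitted and must not be emitted as markup.
						// NOTE(review): if posts are meant to carry HTML, use an
						// allow-list sanitiser here rather than echoing them raw.
						$postId = (int) $var["post_id"];
						?>
                        <div class="post">
						<h1 class="title"><?php echo htmlspecialchars($var["title"], $escFlags, 'UTF-8'); ?></h1>
						<p class="byline"><small><?php echo htmlspecialchars($var["post_date"], $escFlags, 'UTF-8'); ?> by <a href="#">admin</a></small></p>
						<div class="entry">
							<h2><?php echo htmlspecialchars($excerpt, $escFlags, 'UTF-8'); ?>
                           
						</h2></div>
						<p class="meta"><a href="index.php" class="more">Read More</a> &nbsp;&nbsp; &nbsp;&nbsp;&nbsp; <a href="#" class="comments">Comments</a> (33)<?php if($isAdmin){ ?> <a href="#" onclick="del('<?php echo $postId; ?>','index.php');" title="delete"><img src="images/delete.png" title="delete" width="16" height="16" border="0"/> Delete </a> &nbsp; &nbsp; <a href="addPost.php?edit=<?php echo $postId;?>" title="edit"><img src="images/edit.png" title="edit" width="16" height="16" border="0"/> Edit </a><?php } ?></p>
					</div>
                        <?php 
				}
				
				if($isAdmin){ ?><div align="right" ><a href="addPost.php" title="add"><img src="images/plus.png" title="add" width="16" height="16" border="0"/>Add Post</a></div> <?php }?>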
				</div>
				<!-- end content -->
				<!-- start sidebar -->
				<div id="sidebar">
               
				<?php include_once("sitebar.php"); ?>
				</div>
				<!-- end sidebar -->
				<div style="clear:both">&nbsp;</div>
	</div>
</div>
<div id="footer">
	<?php
	// Emit the shared footer markup.
	include_once "footer.php";

	// Release the database link held in $con (presumably opened by
	// connection.php - confirm) now that the last query has run.
	mysql_close($con);
	?>
</div>
</body>
</html>
